Running DONATION as a non-Administrator

One thing that isn’t ideal about DONATION, when run on Windows Vista or Windows 7, is that you have to run logged in as an Administrator. Not only that, but when it runs, if you have User Account Control (UAC) turned in Windows, which is the default, it prompts you as to whether it’s OK to let the program make changes to your computer every time it runs.

That’s really not how well-behaved programs are supposed to work, unless they absolutely have to have those Administrator rights. Until recently, I knew of no way to get around this, because if you use the Database -> Switch Databases menu option, it had to change an ODBC data source to do that, which could only be done as an Administrator.  Fortunately, I have figured out a way to run DONATION without needing to use ODBC data sources, so that problem goes away.

The Administrator privileges are also used, however, to allow DONATION to create and modify files under its own directory (normally C:Program FilesDonation), because normally Windows will not allow non-Administrator programs to modify anything under C:Program Files. Examples of files that are currently written there are your license key file, mail-merge letters and receipts, a file for tracking which database you are switched to if you use Database -> Switch Databases, and of course, your database file itself – donation4.db, in the Data subdirectory. If users want to supply a logo or signature bitmap file for the receipts, they have to be put into C:Program FilesDonation as well, which is even harder, because the users have to do that with some other program, which means they have to explicitly run that other program as an Administrator.

To make all of this more “correct”, in Windows terms, I need to stop running DONATION as an Administrator, and move all of those changeable files under its directory to somewhere else that all users can write. My proposal is to use a subdirectory under the All Users Application Data directory. (This is one of Microsoft’s recommendations.) This would be:

  • “C:Program DataCooperstock SoftwareDonation” on Windows Vista or Windows 7
  • “C:Documents and SettingsAll UsersApplication DataCooperstock SoftwareDonation” on Windows XP
  • “C:WindowsAll UsersApplication DataCooperstock SoftwareDonation” on Windows 2000

Unfortunately, there are some drawbacks to this change. The first is that it will be harder for users to find those files (including their database file!) if they are looking for them, and harder for me to even tell them where to look for them, since they are in different directories on different versions of Windows.

Another problem is that those are “hidden” directories, which you normally can’t even navigate to with My Computer, Computer, or Windows Explorer, unless you explicitly type in their names. You can only get to see those directories if you go to Tools -> Folder Options in one of those program, switch to the View tab, and check the radio button for “Show hidden files and folders”.

By the way, another change would be that many settings that the program stores, like various settings from Maintenance -> Main Window Options and Maintenance -> Receipt Options, which are currently stored in the Windows Registry, would now be stored in a text-based profile file in that folder mentioned above. This is because I want DONATION to work for any users logged on to the computer, and the Registry settings for all users can only be written by an Administrator. (I know that very few installations of DONATION are on computers with multiple users logging in to them with different logons, but it could certainly happen, and I think it’s best to make it work in that situation.) I may also move more of those settings into the database itself, mind you, which would be good, because they would come with you from computer to computer if you moved DONATION.

So, I’m asking for your opinions on my making this change. Except for not having to be prompted every time DONATION starts to say it’s OK, and for some new users, not having to obtain an Administrator Windows logon if they don’t already have one, there very little no real “win” in this change, and some real losses (harder to find those changeable files that were previously under C:Program FilesDONATION).

What do you think? (As usual, please Reply via the blog, if it’s convenient.) Thank you.

9 thoughts on “Running DONATION as a non-Administrator

  1. Dan,

    I don’t know if this will answer your question or not.. but let me try it this way.

    I believe all information input by the user and any results generated from that data should be in a data file location.. for Win 7 and Vista, this would be in the USER area.. not in PROGRAMS or PROGRAM DATA. My reasoning is very simple.. I back up the entire USER folder nightly and want anything that would need to be recovered in case of failure to be there. I don’t really like programs that make you dig in obscure places for the data that should be backed up. Most everything in my computer follows this convention.

    I don’t know about registry entries, etc.. but hopefully you can derive specifics from my generalization..

    David

    • David, that makes a lot of sense for something like an email program, or perhaps even for the default folder for something like a word processing program. If multiple people log onto a given computer, they should each have their own email, and their own “My Documents” area.

      BUT, if multiple people log on to a computer with DONATION on it, you wouldn’t expect them to each have their own database, would you? That’s why I think it should be in an All Users area, rather than the current user area.

      QuickBooks, for instance, by default stores its data in the same sort of All Users area, not the current users’s area. I think DONATION is a lot more like an accounting program than it is like an email program, in terms of whether it should be for one user or all users.

    • Sorry, one other thing. The only truly important thing to be backed up for DONATION is the database, and secondarily any mail-merge letter or receipt templates you have edited. Both of those have backup routines for them in the program, which I would expect users to use. (And the program reminds you regularly to backup the database.) You can put those backups anywhere you want.

      And currently, if you have an automated backup routine backing up your Users area, it’s not going to backup your DONATION database is it, because it’s not there! So if you want that database to be backed up by an automated backup, you have to explicitly include the C:Program FilesDonationData folder, or some folder to which you make backups with DONATION’s backup routine. The same issues will apply if DONATION’s data lives elsewhere.

      Having said all that, I do admit that the new location(s) are harder to find than the current data location.

  2. After thinking about David’s replies, I’m thinking it might be better to use the All Users Documents folder, which is NOT a hidden folder, rather than the All Users Application Data folder, which is hidden.

    On Windows 2000, I think this is C:WindowsAll UsersDocuments (someone that has Windows 2000 is checking for me).
    On Windows XP, this is C:Documents and SettingsAll UsersDocuments.
    On Windows Vista and Windows 7, this is C:UsersPublicDocuments.

    That still preserves it being for all users of the computer, not just the user who installed DONATION, but is better because it’s not hidden.

    • Hi Dan.. thanks for all the thoughts..I think you got to a very good place in your conversation with yourself!! I was going to ask about the PUBLIC area and rely on the user to apply password protection if there are users on the computer that shouldn’t be able to access the donation data.

      I do use my documents directory for the DONATION backup as you suggest… so, technically, I am covered in case of a failure. Not everyone is as anal about keeping back-ups as I am.. and I don’t know (because I am not you) if there are things that are not in the back-up that I would want to recover in case of failure.

      I think Quickbooks is a very good analogy as far as how it handles data. I use QB.. but the Online version so I don’t know how Intuit does it.

      David

  3. One other point about making this change is that the installation programs for the version with this change will have to make all of the changes – moving files, setting up the new profile file, etc. The program itself, when first run as the new version, will probably move all of the registry settings to its database and/or the new profile file, depending on where I decide each should go.

    This is a lot of changes in total, and any time there are a lot of changes, it is potentially error prone, which of course is not ideal. I do hope at least several of you who read this blog will be willing to jump in and beta test it when it is ready, especially as an upgrade of an existing installation, rather than as a fresh install on a different computer. Of course, I will make myself available for very quick fixes if anything goes wrong!

  4. I would suggest that all of these files should be in the database and the database be in the all users area. If you know where you created it surely you can tell the user its path? I’d be happy to test these changes.

    By the way UAC no longer annoys me. I think its called habituation.

    • I’m not sure it is realistic to move all of the mail merge template letters and receipts, and the output mail merge letters and receipts, into the database itself, though I can see the advantages of that as well. But definitely more of the settings that used to be stored in the registry will be moved into the database, so that they travel with a database.

  5. Pingback: Beta test version 3.30: Running as non-Administrator « Software4Nonprofits Blog

Comments are closed.